US9325673B2 · Active · Utility patent · PatentIndex 73

Communication system and communication method

Assignee: SONY CORP · Priority: Sep 5, 2006 · Filed: Jul 25, 2014 · Granted: Apr 26, 2016
Est. expiry: Sep 5, 2026 (~0.2 yrs left) · nominal 20-yr term from priority
Inventors: TERUYAMA KATSUYUKI
CPC: H04W 84/18, H04L 9/0841, H04W 12/04, H04L 2209/805, H04L 9/14, H04L 63/0428, H04L 63/205, H04W 84/12, H04L 9/0618, H04W 12/50

PatentIndex Score: 73 · Cited by: 3 · References: 65 · Claims: 15

Abstract

The present embodiments relate to a communication system, communication method, information processor, method, device, program, and recording medium which permit plural algorithms to be treated and which can impart expansibility to communications. The reader/writer stores a capability list describing its capabilities regarding the algorithms it can use for encryption and decryption. Similarly, the IC card stores a capability list describing its own capabilities regarding encryption and decryption algorithms. The reader/writer and the IC card exchange their capability lists, select algorithms that can secure a security level appropriate to the importance of the data being sent and received, and then communicate using the selected algorithms. The present embodiments can be applied, for example, to a device that performs communications by the NFCIP method.

Claims

exact text as granted — not AI-modified
The invention claimed is:

1. A first device for performing communication with a second device, the first device comprising:
   circuitry configured to:
   send, to the second device, a capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the first device;
   receive, from the second device, identification information and a first key, wherein the first key and the identification information are used by the first device to create a session key; and
   send an encrypted session key created after the reception of the identification information and encrypted by the first key.

2. The first device according to claim 1, wherein the capabilities include capabilities of a key sharing system and a cryptocommunication system.

3. The first device according to claim 2, wherein the key sharing system is defined by at least one of Diffie-Hellman, Elliptic Curve Diffie-Hellman, Rivest, Shamir, Adleman (RSA), and a pre-shared key, and the cryptocommunication system is defined by at least one of Data Encryption Standard (DES) and Advanced Encryption Standard (AES).

4. The first device according to claim 1, wherein the circuitry is further configured to determine each encryption algorithm according to a security level.

5. The first device according to claim 1, wherein the circuitry is further configured to:
   select an encryption algorithm from the capability list;
   create another capability list in which the selected encryption algorithm is included; and
   send the another capability list to the second device.

6. The first device according to claim 1, wherein the circuitry is further configured to determine an encryption algorithm according to security levels corresponding to different strengths of encryption required by the communication such that a higher security level corresponds to a higher complexity encryption algorithm.

7. A first device for performing communication with a second device, the first device comprising:
   circuitry configured to:
   store a first capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the first device;
   receive a second capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the second device;
   determine an encryption algorithm, which is available for use by the second device to create an encrypted session key, by referring to the first capability list and the second capability list;
   create a first key and a second key based on the determined encryption algorithm;
   send, to the second device, identification information for identifying the determined encryption algorithm;
   send, to the second device, the first key;
   receive, from the second device, the encrypted session key; and
   derive a decrypted session key from the encrypted session key by decrypting the encrypted session key with the second key.

8. The first device according to claim 7, wherein the capabilities include capabilities of a key sharing system and a cryptocommunication system.

9. The first device according to claim 8, wherein the key sharing system is defined by at least one of Diffie-Hellman, Elliptic Curve Diffie-Hellman, Rivest, Shamir, Adleman (RSA), and a pre-shared key, and the cryptocommunication system is defined by at least one of Data Encryption Standard (DES) and Advanced Encryption Standard (AES).

10. The first device according to claim 7, wherein the circuitry is configured to receive the second capability list by using polling from the second device.

11. The first device according to claim 7, wherein the circuitry is further configured to generate a third capability list using the first capability list and the second capability list.

12. A method of information processing for a first device performing communication with a second device, the method comprising:
    sending, to the second device, a capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the first device;
    receiving, from the second device, identification information and a first key, wherein the first key and the identification information are used by the first device to create a session key; and
    sending an encrypted session key created after the reception of the identification information and encrypted by the first key.

13. A non-transitory computer readable medium having stored thereon a set of computer-executable instructions for causing a first device to perform steps comprising:
    sending, to a second device, a capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the first device;
    receiving, from the second device, identification information and a first key, wherein the first key and the identification information are used by the first device to create a session key; and
    sending an encrypted session key created after the reception of the identification information and encrypted by the first key.

14. A method of information processing for a first device for performing communication with a second device, the method comprising:
    storing a first capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the first device;
    receiving a second capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the second device;
    determining the encryption algorithm, which is available for use by the second device to create an encrypted session key, by referring to the first capability list and the second capability list;
    creating a first key and a second key based on the determined encryption algorithm;
    sending, to the second device, identification information for identifying the determined encryption algorithm and the first key;
    receiving, from the second device, the encrypted session key; and
    deriving a decrypted session key from the encrypted session key by decrypting the encrypted session key with the second key.

15. A non-transitory computer-readable medium having stored thereon, a set of computer-executable instructions for causing a first device to perform steps comprising:
    storing a first capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the first device;
    receiving, from a second device, a second capability list indicating capabilities regarding each encryption algorithm which is capable of being used by the second device;
    determining the encryption algorithm, which is available for use by the second device to create an encrypted session key, by referring to the first capability list and the second capability list;
    creating a first key and a second key based on the determined encryption algorithm;
    sending, to the second device, identification information for identifying the determined encryption algorithm and the first key;
    receiving, from the second device, the encrypted session key; and
    deriving a decrypted session key from the encrypted session key by decrypting the encrypted session key with the second key.
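The exchange described by claims 1 and 7 (reader/writer and IC card trade capability lists, the reader/writer picks algorithms meeting the required security level, creates a first key and a second key, sends the identification information and the first key, and recovers the session key the card encrypted under the first key), as an added worked example that is not part of the patent or of any Sony implementation. The security-level ranking, the "DH/AES" identification string, the use of a toy Diffie-Hellman group, and the card sending its own public value alongside the encrypted session key are all assumptions made here for illustration; the claims specify none of them. The example also shows the defender-relevant check the abstract implies: a pair of lists whose strongest common algorithms fall below the required level is rejected rather than silently downgraded.

```python
"""Capability-list negotiation and session-key exchange (constructed toy example)."""
import hashlib
import secrets
from dataclasses import dataclass

# Constructed ranking (assumption): a higher number is a higher security level.
# The patent only states that a higher level maps to a more complex algorithm.
KEY_SHARING_LEVEL = {"PSK": 1, "DH": 2, "ECDH": 3}
CIPHER_LEVEL = {"DES": 1, "AES": 2}

# Toy Diffie-Hellman group: 2**127 - 1 is prime, but far too small for real use.
P = 2**127 - 1
G = 5


@dataclass(frozen=True)
class CapabilityList:
    key_sharing: frozenset  # key sharing systems the device supports, e.g. {"DH", "PSK"}
    ciphers: frozenset      # cryptocommunication systems, e.g. {"AES", "DES"}


def negotiate(first: CapabilityList, second: CapabilityList, required_level: int):
    """Pick the strongest mutually supported (key_sharing, cipher) pair.

    Returns None when the lists have nothing in common or when the best common
    pair is weaker than required_level, so importance-based requirements are
    enforced instead of being downgraded to whatever the peer offers.
    """
    shared_ks = first.key_sharing & second.key_sharing
    shared_ci = first.ciphers & second.ciphers
    if not shared_ks or not shared_ci:
        return None
    ks = max(shared_ks, key=KEY_SHARING_LEVEL.__getitem__)
    ci = max(shared_ci, key=CIPHER_LEVEL.__getitem__)
    if min(KEY_SHARING_LEVEL[ks], CIPHER_LEVEL[ci]) < required_level:
        return None
    return ks, ci


def dh_keypair():
    """Return (second_key, first_key): the private exponent and the public value."""
    private = secrets.randbelow(P - 2) + 1
    return private, pow(G, private, P)


def _wrap_key(shared_secret: int, identification: str) -> bytes:
    # Derive a 16-byte wrapping key bound to the negotiated algorithm identifier,
    # so a session key wrapped under one negotiation result cannot be replayed
    # under another. Hash-based derivation is a toy stand-in for a real KDF.
    material = shared_secret.to_bytes(16, "big") + identification.encode()
    return hashlib.sha256(material).digest()[:16]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def card_respond(identification: str, first_key: int):
    """Second device (IC card): create a session key and encrypt it under first_key.

    Assumption: the card's own DH public value travels with the encrypted key.
    Returns (plaintext_session_key, message_to_reader).
    """
    card_private, card_public = dh_keypair()
    session_key = secrets.token_bytes(16)
    wrap = _wrap_key(pow(first_key, card_private, P), identification)
    return session_key, (card_public, _xor(session_key, wrap))


def reader_recover(identification: str, second_key: int, message) -> bytes:
    """First device (reader/writer): decrypt the session key with the second key."""
    card_public, encrypted_session_key = message
    wrap = _wrap_key(pow(card_public, second_key, P), identification)
    return _xor(encrypted_session_key, wrap)


def run_exchange(reader_caps: CapabilityList, card_caps: CapabilityList, required_level: int):
    """Run the whole flow; returns (reader_session_key, card_session_key) or None."""
    chosen = negotiate(reader_caps, card_caps, required_level)
    if chosen is None:
        return None
    identification = "/".join(chosen)  # constructed form of the identification information
    if chosen[0] != "DH":
        raise NotImplementedError("this toy implements only the Diffie-Hellman path")
    second_key, first_key = dh_keypair()                  # reader creates both keys
    card_key, message = card_respond(identification, first_key)
    reader_key = reader_recover(identification, second_key, message)
    return reader_key, card_key


if __name__ == "__main__":
    reader = CapabilityList(frozenset({"DH", "PSK"}), frozenset({"AES", "DES"}))
    card = CapabilityList(frozenset({"DH", "ECDH", "PSK"}), frozenset({"AES"}))
    result = run_exchange(reader, card, required_level=2)
    print("session keys match:", result is not None and result[0] == result[1])
```

Note the two failure modes `negotiate` handles: no common algorithm at all, and a common set whose best member is still below the level the data's importance demands. Both return None so the caller can refuse the transaction rather than proceed with weaker protection.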

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.